Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-0252 | 5.0 |
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
|
05-02-2023 - 21:10 | 24-03-2015 - 17:59 | |
CVE-2015-0209 | 6.8 |
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corrup
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-0288 | 5.0 |
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) v
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-0286 | 5.0 |
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-0292 | 7.5 |
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corru
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-0287 | 5.0 |
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial o
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-0289 | 5.0 |
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference
|
13-12-2022 - 12:15 | 19-03-2015 - 22:59 | |
CVE-2015-2305 | 6.8 |
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary co
|
16-08-2022 - 13:29 | 30-03-2015 - 10:59 | |
CVE-2015-2301 | 7.5 |
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an a
|
16-08-2022 - 13:28 | 30-03-2015 - 10:59 | |
CVE-2015-2157 | 2.1 |
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
|
21-03-2019 - 17:04 | 27-03-2015 - 14:59 | |
CVE-2015-2331 | 7.5 |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial
|
30-10-2018 - 16:27 | 30-03-2015 - 10:59 | |
CVE-2015-2155 | 7.5 |
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
|
30-10-2018 - 16:27 | 24-03-2015 - 17:59 | |
CVE-2015-2153 | 5.0 |
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit
|
09-10-2018 - 19:56 | 24-03-2015 - 17:59 | |
CVE-2015-2154 | 5.0 |
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum val
|
09-10-2018 - 19:56 | 24-03-2015 - 17:59 | |
CVE-2015-0261 | 7.5 |
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative len
|
09-10-2018 - 19:55 | 24-03-2015 - 17:59 | |
CVE-2014-9140 | 5.0 |
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
|
09-10-2018 - 19:54 | 05-12-2014 - 16:59 | |
CVE-2014-9653 | 7.5 |
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers t
|
16-06-2018 - 01:29 | 30-03-2015 - 10:59 | |
CVE-2014-9705 | 7.5 |
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of m
|
05-01-2018 - 02:29 | 30-03-2015 - 10:59 | |
CVE-2015-0232 | 6.8 |
The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) v
|
05-01-2018 - 02:29 | 27-01-2015 - 20:04 | |
CVE-2015-0282 | 5.0 |
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
|
05-01-2018 - 02:29 | 24-03-2015 - 17:59 | |
CVE-2015-0273 | 7.5 |
Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier
|
05-01-2018 - 02:29 | 30-03-2015 - 10:59 | |
CVE-2015-1803 | 8.5 |
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer der
|
31-12-2016 - 02:59 | 20-03-2015 - 14:59 | |
CVE-2015-1804 | 8.5 |
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds
|
31-12-2016 - 02:59 | 20-03-2015 - 14:59 | |
CVE-2015-0231 | 7.5 |
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call th
|
31-12-2016 - 02:59 | 27-01-2015 - 20:03 | |
CVE-2015-1802 | 8.5 |
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negat
|
22-12-2016 - 02:59 | 20-03-2015 - 14:59 | |
CVE-2003-0101 | 10.0 |
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof
|
18-10-2016 - 02:29 | 03-03-2003 - 05:00 | |
CVE-2015-0885 | 5.0 |
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.
|
24-09-2015 - 16:46 | 28-02-2015 - 02:59 |